Hide port number.


Assume you are using Spring Boot and you deploy the app with something like

java -Dserver.port=8091 -jar shopApp.jar &

and of course you have an Apache configuration that maps the address example.com to port 8091. Everything works, but the same page can probably be opened by typing either example.com or IP:8091, which is not good. Here I describe how to hide the port.

The app is probably available under both:

- http://example.com
- IP.IP.IP.IP:8091

Check which ports are open:

sudo netstat -tlpn
-----------------------------------------------------------
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
...  
tcp6       0      0 :::80                   :::*                    LISTEN      368/apache2     
...     
tcp6       0      0 :::8091                 :::*                    LISTEN      903/java        
tcp6       0      0 :::8092                 :::*                    LISTEN      934/java  

iptables – List the rules

iptables --list

iptables – add new rules

iptables -A INPUT -p tcp -s localhost --dport 8091 -j ACCEPT
iptables -A INPUT -p tcp --dport 8091 -j DROP

iptables -A INPUT -p tcp -s localhost --dport 8092 -j ACCEPT
iptables -A INPUT -p tcp --dport 8092 -j DROP

iptables – remove rules (in case you screw something up)

iptables -D INPUT -p tcp -s localhost --dport 8091 -j ACCEPT
iptables -D INPUT -p tcp --dport 8091 -j DROP

iptables -D INPUT -p tcp -s localhost --dport 8092 -j ACCEPT
iptables -D INPUT -p tcp --dport 8092 -j DROP

iptables – List the rules

iptables --list

Remember that Apache must now proxy to localhost, not to the server IP, because only connections from localhost are accepted on these ports:

vim /etc/apache2/sites-enabled/000-default.conf
-----------------------------------------------
<VirtualHost example.com:80>

    ServerAdmin me@example.com
    ServerName example.com
    ServerAlias example.com
    ProxyPass / http://localhost:8091/
    ProxyPassReverse / http://localhost:8091/

    ErrorLog ${APACHE_LOG_DIR}/example.com-error_log
    CustomLog ${APACHE_LOG_DIR}/example.com-access_log combined

</VirtualHost>

service apache2 restart

Now the app is available only under:

- http://example.com
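
Added example, not part of the original post: the netstat listing above shows the Java apps on tcp6 wildcard sockets (:::8091), and iptables filters IPv4 only, so this script reads netstat -tlpn output and prints the same ACCEPT/DROP pair for both iptables and ip6tables. The sample listing (including the mysqld line) and the function names backend_ports and firewall_rules are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sudo netstat -tlpn` output (same shape as the listing
# above, plus one loopback-bound listener that needs no rule).
SAMPLE='Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      412/mysqld
tcp6       0      0 :::80                   :::*                    LISTEN      368/apache2
tcp6       0      0 :::8091                 :::*                    LISTEN      903/java
tcp6       0      0 :::8092                 :::*                    LISTEN      934/java'

# backend_ports PROG: read netstat -tlpn output on stdin and print every TCP port
# that PROG (default: java) listens on via a wildcard address (0.0.0.0, :: or *).
backend_ports() {
    awk -v prog="${1:-java}" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)            # text after the last colon
            host = substr($4, 1, length($4) - length(port) - 1)
            split($7, owner, "/")                      # "903/java" -> owner[2] = "java"
            if ((host == "0.0.0.0" || host == "::" || host == "*") && owner[2] == prog)
                print port
        }' | sort -n -u
}

# firewall_rules PROG: turn those ports into the accept-loopback / drop-the-rest
# pair from the article, once for IPv4 and once for IPv6.
# The rules are only printed so they can be reviewed before being run as root.
firewall_rules() {
    backend_ports "$1" | while read -r port; do
        printf 'iptables -A INPUT -p tcp -s 127.0.0.1 --dport %s -j ACCEPT\n' "$port"
        printf 'iptables -A INPUT -p tcp --dport %s -j DROP\n' "$port"
        printf 'ip6tables -A INPUT -p tcp -s ::1 --dport %s -j ACCEPT\n' "$port"
        printf 'ip6tables -A INPUT -p tcp --dport %s -j DROP\n' "$port"
    done
}

# Dry run on the sample; on a real host: sudo netstat -tlpn | firewall_rules java
printf '%s\n' "$SAMPLE" | firewall_rules java
```

Rules added this way live only in the running kernel, so save them with your distribution's persistence mechanism once they are confirmed to work.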